Cortex C2 is a Open source Linux C2 inspired by the void link C2 framework
☆43May 29, 2026Updated last month
Alternatives and similar repositories for cortex-c2
Users that are interested in cortex-c2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Havoc BOF implementation of BYOVD attack to terminate PPL-protected EDR processes using a signed Microsoft kernel driver.☆39Apr 6, 2026Updated 3 months ago
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆62May 4, 2026Updated 2 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆85Jan 26, 2026Updated 5 months ago
- Noradrenaline is a collection of high-performance post-exploitation shared libraries designed for native execution on macOS and Linux end…☆29Jul 6, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- Cobalt Strike BOF to obtain location data☆26Jul 4, 2026Updated last week
- Async BOF that monitors USB device connect/disconnect events, reports device information and performs actions on connected USB storage vo…☆56Jun 17, 2026Updated 3 weeks ago
- Curated Linux LPE corpus — 28 modules from 2016 to 2026, with detection rules. One command, safest-first root: skeletonkey --auto --i-kno…☆16Updated this week
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆97Apr 9, 2026Updated 3 months ago
- Stack spoofing Detection for CET processes by comparing shadow and user stacks.☆36May 22, 2026Updated last month
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advance…☆113Jun 30, 2026Updated 2 weeks ago
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 3 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆30Dec 20, 2025Updated 6 months ago
- Phantom-Evasion-Loader is a standalone, pure x64 Assembly injection engine engineered to minimize the detection surface of modern EDR/XDR…☆108Updated this week
- windows api bug☆39May 24, 2026Updated last month
- Proof of concept to detect module stomping detection by looking for modified .pdata sections.☆39Jun 11, 2026Updated last month
- Thermal pocket printer - BLE protocol reverse engineering, Python CLI, and web GUI☆15May 4, 2026Updated 2 months ago
- Active Directory time discovery protocols for red teams. Stealthy extraction via Kerberos, SMB, NTLM, and CLDAP.☆71Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Another BYOVD process killer. works on all EDR's. fully signed.☆285May 19, 2026Updated last month
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated last week
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆170Jun 28, 2026Updated 2 weeks ago
- Usermode detector that catches indirect syscalls. Traps Hell's Hall, Tartarus' Gate, RecycledGate, and VEH syscalls & Many more.☆84Jun 15, 2026Updated 3 weeks ago
- Simulate Windows EXE for Malware Research!☆20Sep 4, 2024Updated last year
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Evasive loader for .NET Framework assemblies☆44May 14, 2026Updated 2 months ago
- EncryptInterceptor fail-open bypass in Apache Tomcat Tribes clustering leading to unauthenticated RCE via Java deserialization.☆69May 11, 2026Updated 2 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Golang Automation Framework for Cobalt Strike using the Rest API☆60Apr 10, 2026Updated 3 months ago
- KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.☆186Updated this week
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Fortinet FortiClientEMS improper access control☆35Apr 20, 2026Updated 2 months ago
- Polymorphic AV/AMSI bypass toolkit - Donut shellcode runner for offensive .NET/PE tools☆36May 26, 2026Updated last month
- xnew is a fast, low-memory CLI that appends only unique lines to files. Built in Go for large datasets, it streams input efficiently and …☆27May 23, 2026Updated last month
- A POC tool for exploring dev-tunnels☆66May 5, 2026Updated 2 months ago